We use cookies to ensure you get the best experience on our website
Halaman utama Jelajahi Bantuan
Daftar Masuk
0ct0pu5
/
moby
1
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Jelajahi Sumber

Merge pull request #44234 from thaJeztah/resolvconf_refactor_step1

libnetwork/resolvconf: some cleaning up and optimisations
Sebastiaan van Stijn 2 tahun lalu
induk
3eca54384d 56fbbde2ed
melakukan
31bf00d3ec
6 mengubah file dengan 469 tambahan dan 358 penghapusan
Tampilan Split Tampilkan Statistik Diff
  1. 15 23
      libnetwork/resolvconf/resolvconf.go
  2. 0 303
      libnetwork/resolvconf/resolvconf_linux_test.go
  3. 427 0
      libnetwork/resolvconf/resolvconf_unix_test.go
  4. 6 8
      libnetwork/resolvconf/utils.go
  5. 11 8
      libnetwork/resolvconf/utils_test.go
  6. 10 16
      libnetwork/sandbox_dns_unix.go

+ 15 - 23
libnetwork/resolvconf/resolvconf.go
Tampilan Berkas 

@@ -88,7 +88,7 @@ var (
 
 // File contains the resolv.conf content and its hash
 
 type File struct {
 
 	Content []byte
 
-	Hash    string
 
+	Hash    []byte
 
 }
 
 
 // Get returns the contents of /etc/resolv.conf and its hash
 
@@ -102,11 +102,7 @@ func GetSpecific(path string) (*File, error) {
 
 	if err != nil {
 
 		return nil, err
 
 	}
 
-	hash, err := hashData(bytes.NewReader(resolv))
 
-	if err != nil {
 
-		return nil, err
 
-	}
 
-	return &File{Content: resolv, Hash: hash}, nil
 
+	return &File{Content: resolv, Hash: hashData(resolv)}, nil
 
 }
 
 
 // FilterResolvDNS cleans up the config in resolvConf.  It has two main jobs:
 
@@ -132,11 +128,7 @@ func FilterResolvDNS(resolvConf []byte, ipv6Enabled bool) (*File, error) {
 
 		}
 
 		cleanedResolvConf = append(cleanedResolvConf, []byte("\n"+strings.Join(dns, "\n"))...)
 
 	}
 
-	hash, err := hashData(bytes.NewReader(cleanedResolvConf))
 
-	if err != nil {
 
-		return nil, err
 
-	}
 
-	return &File{Content: cleanedResolvConf, Hash: hash}, nil
 
+	return &File{Content: cleanedResolvConf, Hash: hashData(cleanedResolvConf)}, nil
 
 }
 
 
 // getLines parses input into lines and strips away comments.
 
@@ -156,7 +148,7 @@ func getLines(input []byte, commentMarker []byte) [][]byte {
 
 
 // GetNameservers returns nameservers (if any) listed in /etc/resolv.conf
 
 func GetNameservers(resolvConf []byte, kind int) []string {
 
-	nameservers := []string{}
 
+	var nameservers []string
 
 	for _, line := range getLines(resolvConf, []byte("#")) {
 
 		var ns [][]byte
 
 		if kind == IP {
 
@@ -177,7 +169,7 @@ func GetNameservers(resolvConf []byte, kind int) []string {
 
 // /etc/resolv.conf as CIDR blocks (e.g., "1.2.3.4/32")
 
 // This function's output is intended for net.ParseCIDR
 
 func GetNameserversAsCIDR(resolvConf []byte) []string {
 
-	nameservers := []string{}
 
+	var nameservers []string
 
 	for _, nameserver := range GetNameservers(resolvConf, IP) {
 
 		var address string
 
 		// If IPv6, strip zone if present
 
@@ -195,7 +187,7 @@ func GetNameserversAsCIDR(resolvConf []byte) []string {
 
 // If more than one search line is encountered, only the contents of the last
 
 // one is returned.
 
 func GetSearchDomains(resolvConf []byte) []string {
 
-	domains := []string{}
 
+	var domains []string
 
 	for _, line := range getLines(resolvConf, []byte("#")) {
 
 		match := searchRegexp.FindSubmatch(line)
 
 		if match == nil {
 
@@ -210,7 +202,7 @@ func GetSearchDomains(resolvConf []byte) []string {
 
 // If more than one options line is encountered, only the contents of the last
 
 // one is returned.
 
 func GetOptions(resolvConf []byte) []string {
 
-	options := []string{}
 
+	var options []string
 
 	for _, line := range getLines(resolvConf, []byte("#")) {
 
 		match := optionsRegexp.FindSubmatch(line)
 
 		if match == nil {
 
@@ -221,10 +213,11 @@ func GetOptions(resolvConf []byte) []string {
 
 	return options
 
 }
 
 
-// Build writes a configuration file to path containing a "nameserver" entry
 
-// for every element in dns, a "search" entry for every element in
 
-// dnsSearch, and an "options" entry for every element in dnsOptions.
 
-func Build(path string, dns, dnsSearch, dnsOptions []string) (*File, error) {
 
+// Build generates and writes a configuration file to path containing a nameserver
 
+// entry for every element in nameservers, a "search" entry for every element in
 
+// dnsSearch, and an "options" entry for every element in dnsOptions. It returns
 
+// a File containing the generated content and its (sha256) hash.
 
+func Build(path string, nameservers, dnsSearch, dnsOptions []string) (*File, error) {
 
 	content := bytes.NewBuffer(nil)
 
 	if len(dnsSearch) > 0 {
 
 		if searchString := strings.Join(dnsSearch, " "); strings.Trim(searchString, " ") != "." {
 
@@ -233,7 +226,7 @@ func Build(path string, dns, dnsSearch, dnsOptions []string) (*File, error) {
 
 			}
 
 		}
 
 	}
 
-	for _, dns := range dns {
 
+	for _, dns := range nameservers {
 
 		if _, err := content.WriteString("nameserver " + dns + "\n"); err != nil {
 
 			return nil, err
 
 		}
 
@@ -246,10 +239,9 @@ func Build(path string, dns, dnsSearch, dnsOptions []string) (*File, error) {
 
 		}
 
 	}
 
 
-	hash, err := hashData(bytes.NewReader(content.Bytes()))
 
-	if err != nil {
 
+	if err := os.WriteFile(path, content.Bytes(), 0o644); err != nil {
 
 		return nil, err
 
 	}
 
 
-	return &File{Content: content.Bytes(), Hash: hash}, os.WriteFile(path, content.Bytes(), 0644)
 
+	return &File{Content: content.Bytes(), Hash: hashData(content.Bytes())}, nil
 
 }

+ 0 - 303
libnetwork/resolvconf/resolvconf_linux_test.go
Tampilan Berkas 

@@ -1,303 +0,0 @@
 
-package resolvconf
 
-
 
-import (
 
-	"bytes"
 
-	"os"
 
-	"testing"
 
-)
 
-
 
-func TestGet(t *testing.T) {
 
-	resolvConfUtils, err := Get()
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-	resolvConfSystem, err := os.ReadFile("/etc/resolv.conf")
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-	if string(resolvConfUtils.Content) != string(resolvConfSystem) {
 
-		t.Fatalf("/etc/resolv.conf and GetResolvConf have different content.")
 
-	}
 
-	hashSystem, err := hashData(bytes.NewReader(resolvConfSystem))
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-	if resolvConfUtils.Hash != hashSystem {
 
-		t.Fatalf("/etc/resolv.conf and GetResolvConf have different hashes.")
 
-	}
 
-}
 
-
 
-func TestGetNameservers(t *testing.T) {
 
-	for resolv, result := range map[string][]string{`
 
-nameserver 1.2.3.4
 
-nameserver 40.3.200.10
 
-search example.com`: {"1.2.3.4", "40.3.200.10"},
 
-		`search example.com`: {},
 
-		`nameserver 1.2.3.4
 
-search example.com
 
-nameserver 4.30.20.100`: {"1.2.3.4", "4.30.20.100"},
 
-		``:                        {},
 
-		`  nameserver 1.2.3.4   `: {"1.2.3.4"},
 
-		`search example.com
 
-nameserver 1.2.3.4
 
-#nameserver 4.3.2.1`: {"1.2.3.4"},
 
-		`search example.com
 
-nameserver 1.2.3.4 # not 4.3.2.1`: {"1.2.3.4"},
 
-	} {
 
-		test := GetNameservers([]byte(resolv), IP)
 
-		if !strSlicesEqual(test, result) {
 
-			t.Fatalf("Wrong nameserver string {%s} should be %v. Input: %s", test, result, resolv)
 
-		}
 
-	}
 
-}
 
-
 
-func TestGetNameserversAsCIDR(t *testing.T) {
 
-	for resolv, result := range map[string][]string{`
 
-nameserver 1.2.3.4
 
-nameserver 40.3.200.10
 
-search example.com`: {"1.2.3.4/32", "40.3.200.10/32"},
 
-		`search example.com`: {},
 
-		`nameserver 1.2.3.4
 
-search example.com
 
-nameserver 4.30.20.100`: {"1.2.3.4/32", "4.30.20.100/32"},
 
-		``:                        {},
 
-		`  nameserver 1.2.3.4   `: {"1.2.3.4/32"},
 
-		`search example.com
 
-nameserver 1.2.3.4
 
-#nameserver 4.3.2.1`: {"1.2.3.4/32"},
 
-		`search example.com
 
-nameserver 1.2.3.4 # not 4.3.2.1`: {"1.2.3.4/32"},
 
-	} {
 
-		test := GetNameserversAsCIDR([]byte(resolv))
 
-		if !strSlicesEqual(test, result) {
 
-			t.Fatalf("Wrong nameserver string {%s} should be %v. Input: %s", test, result, resolv)
 
-		}
 
-	}
 
-}
 
-
 
-func TestGetSearchDomains(t *testing.T) {
 
-	for resolv, result := range map[string][]string{
 
-		`search example.com`:                                   {"example.com"},
 
-		`search example.com # ignored`:                         {"example.com"},
 
-		`	  search	 example.com	  `:                            {"example.com"},
 
-		`	  search	 example.com	  # ignored`:                   {"example.com"},
 
-		`search foo.example.com example.com`:                   {"foo.example.com", "example.com"},
 
-		`	   search	   foo.example.com	 example.com	`:          {"foo.example.com", "example.com"},
 
-		`	   search	   foo.example.com	 example.com	# ignored`: {"foo.example.com", "example.com"},
 
-		``:          {},
 
-		`# ignored`: {},
 
-		`nameserver 1.2.3.4
 
-search foo.example.com example.com`: {"foo.example.com", "example.com"},
 
-		`nameserver 1.2.3.4
 
-search dup1.example.com dup2.example.com
 
-search foo.example.com example.com`: {"foo.example.com", "example.com"},
 
-		`nameserver 1.2.3.4
 
-search foo.example.com example.com
 
-nameserver 4.30.20.100`: {"foo.example.com", "example.com"},
 
-	} {
 
-		test := GetSearchDomains([]byte(resolv))
 
-		if !strSlicesEqual(test, result) {
 
-			t.Fatalf("Wrong search domain string {%s} should be %v. Input: %s", test, result, resolv)
 
-		}
 
-	}
 
-}
 
-
 
-func TestGetOptions(t *testing.T) {
 
-	for resolv, result := range map[string][]string{
 
-		`options opt1`:                            {"opt1"},
 
-		`options opt1 # ignored`:                  {"opt1"},
 
-		`	  options	 opt1	  `:                     {"opt1"},
 
-		`	  options	 opt1	  # ignored`:            {"opt1"},
 
-		`options opt1 opt2 opt3`:                  {"opt1", "opt2", "opt3"},
 
-		`options opt1 opt2 opt3 # ignored`:        {"opt1", "opt2", "opt3"},
 
-		`	   options	 opt1	 opt2	 opt3	`:          {"opt1", "opt2", "opt3"},
 
-		`	   options	 opt1	 opt2	 opt3	# ignored`: {"opt1", "opt2", "opt3"},
 
-		``:                   {},
 
-		`# ignored`:          {},
 
-		`nameserver 1.2.3.4`: {},
 
-		`nameserver 1.2.3.4
 
-options opt1 opt2 opt3`: {"opt1", "opt2", "opt3"},
 
-		`nameserver 1.2.3.4
 
-options opt1 opt2
 
-options opt3 opt4`: {"opt3", "opt4"},
 
-	} {
 
-		test := GetOptions([]byte(resolv))
 
-		if !strSlicesEqual(test, result) {
 
-			t.Fatalf("Wrong options string {%s} should be %v. Input: %s", test, result, resolv)
 
-		}
 
-	}
 
-}
 
-
 
-func strSlicesEqual(a, b []string) bool {
 
-	if len(a) != len(b) {
 
-		return false
 
-	}
 
-
 
-	for i, v := range a {
 
-		if v != b[i] {
 
-			return false
 
-		}
 
-	}
 
-
 
-	return true
 
-}
 
-
 
-func TestBuild(t *testing.T) {
 
-	file, err := os.CreateTemp("", "")
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-	defer os.Remove(file.Name())
 
-
 
-	_, err = Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{"opt1"})
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-
 
-	content, err := os.ReadFile(file.Name())
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-
 
-	if expected := "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"; !bytes.Contains(content, []byte(expected)) {
 
-		t.Fatalf("Expected to find '%s' got '%s'", expected, content)
 
-	}
 
-}
 
-
 
-func TestBuildWithZeroLengthDomainSearch(t *testing.T) {
 
-	file, err := os.CreateTemp("", "")
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-	defer os.Remove(file.Name())
 
-
 
-	_, err = Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"."}, []string{"opt1"})
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-
 
-	content, err := os.ReadFile(file.Name())
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-
 
-	if expected := "nameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"; !bytes.Contains(content, []byte(expected)) {
 
-		t.Fatalf("Expected to find '%s' got '%s'", expected, content)
 
-	}
 
-	if notExpected := "search ."; bytes.Contains(content, []byte(notExpected)) {
 
-		t.Fatalf("Expected to not find '%s' got '%s'", notExpected, content)
 
-	}
 
-}
 
-
 
-func TestBuildWithNoOptions(t *testing.T) {
 
-	file, err := os.CreateTemp("", "")
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-	defer os.Remove(file.Name())
 
-
 
-	_, err = Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{})
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-
 
-	content, err := os.ReadFile(file.Name())
 
-	if err != nil {
 
-		t.Fatal(err)
 
-	}
 
-
 
-	if expected := "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\n"; !bytes.Contains(content, []byte(expected)) {
 
-		t.Fatalf("Expected to find '%s' got '%s'", expected, content)
 
-	}
 
-	if notExpected := "search ."; bytes.Contains(content, []byte(notExpected)) {
 
-		t.Fatalf("Expected to not find '%s' got '%s'", notExpected, content)
 
-	}
 
-}
 
-
 
-func TestFilterResolvDns(t *testing.T) {
 
-	ns0 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\n"
 
-
 
-	if result, _ := FilterResolvDNS([]byte(ns0), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed No Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	ns1 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\nnameserver 127.0.0.1\n"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	ns1 = "nameserver 10.16.60.14\nnameserver 127.0.0.1\nnameserver 10.16.60.21\n"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	ns1 = "nameserver 127.0.1.1\nnameserver 10.16.60.14\nnameserver 10.16.60.21\n"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	ns1 = "nameserver ::1\nnameserver 10.16.60.14\nnameserver 127.0.2.1\nnameserver 10.16.60.21\n"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	ns1 = "nameserver 10.16.60.14\nnameserver ::1\nnameserver 10.16.60.21\nnameserver ::1"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	// with IPv6 disabled (false param), the IPv6 nameserver should be removed
 
-	ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	// with IPv6 disabled (false param), the IPv6 link-local nameserver with zone ID should be removed
 
-	ns1 = "nameserver 10.16.60.14\nnameserver FE80::BB1%1\nnameserver FE80::BB1%eth0\nnameserver 10.16.60.21\n"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	// with IPv6 enabled, the IPv6 nameserver should be preserved
 
-	ns0 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\n"
 
-	ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed Localhost+IPv6 on: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	// with IPv6 enabled, and no non-localhost servers, Google defaults (both IPv4+IPv6) should be added
 
-	ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4\nnameserver 2001:4860:4860::8888\nnameserver 2001:4860:4860::8844"
 
-	ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-
 
-	// with IPv6 disabled, and no non-localhost servers, Google defaults (only IPv4) should be added
 
-	ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4"
 
-	ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
 
-	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
-		if ns0 != string(result.Content) {
 
-			t.Fatalf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
-		}
 
-	}
 
-}

+ 427 - 0
libnetwork/resolvconf/resolvconf_unix_test.go
Tampilan Berkas 

@@ -0,0 +1,427 @@
 
+//go:build !windows
 
+// +build !windows
 
+
 
+package resolvconf
 
+
 
+import (
 
+	"bytes"
 
+	"os"
 
+	"testing"
 
+)
 
+
 
+func TestGet(t *testing.T) {
 
+	actual, err := Get()
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+	expected, err := os.ReadFile(Path())
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+	if !bytes.Equal(actual.Content, expected) {
 
+		t.Errorf("%s and GetResolvConf have different content.", Path())
 
+	}
 
+	if !bytes.Equal(actual.Hash, hashData(expected)) {
 
+		t.Errorf("%s and GetResolvConf have different hashes.", Path())
 
+	}
 
+}
 
+
 
+func TestGetNameservers(t *testing.T) {
 
+	for _, tc := range []struct {
 
+		input  string
 
+		result []string
 
+	}{
 
+		{
 
+			input: ``,
 
+		},
 
+		{
 
+			input: `search example.com`,
 
+		},
 
+		{
 
+			input:  `  nameserver 1.2.3.4   `,
 
+			result: []string{"1.2.3.4"},
 
+		},
 
+		{
 
+			input: `
 
+nameserver 1.2.3.4
 
+nameserver 40.3.200.10
 
+search example.com`,
 
+			result: []string{"1.2.3.4", "40.3.200.10"},
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4
 
+search example.com
 
+nameserver 4.30.20.100`,
 
+			result: []string{"1.2.3.4", "4.30.20.100"},
 
+		},
 
+		{
 
+			input: `search example.com
 
+nameserver 1.2.3.4
 
+#nameserver 4.3.2.1`,
 
+			result: []string{"1.2.3.4"},
 
+		},
 
+		{
 
+			input: `search example.com
 
+nameserver 1.2.3.4 # not 4.3.2.1`,
 
+			result: []string{"1.2.3.4"},
 
+		},
 
+	} {
 
+		test := GetNameservers([]byte(tc.input), IP)
 
+		if !strSlicesEqual(test, tc.result) {
 
+			t.Errorf("Wrong nameserver string {%s} should be %v. Input: %s", test, tc.result, tc.input)
 
+		}
 
+	}
 
+}
 
+
 
+func TestGetNameserversAsCIDR(t *testing.T) {
 
+	for _, tc := range []struct {
 
+		input  string
 
+		result []string
 
+	}{
 
+		{
 
+			input: ``,
 
+		},
 
+		{
 
+			input: `search example.com`,
 
+		},
 
+		{
 
+			input:  `  nameserver 1.2.3.4   `,
 
+			result: []string{"1.2.3.4/32"},
 
+		},
 
+		{
 
+			input: `
 
+nameserver 1.2.3.4
 
+nameserver 40.3.200.10
 
+search example.com`,
 
+			result: []string{"1.2.3.4/32", "40.3.200.10/32"},
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4
 
+search example.com
 
+nameserver 4.30.20.100`,
 
+			result: []string{"1.2.3.4/32", "4.30.20.100/32"},
 
+		},
 
+		{
 
+			input: `search example.com
 
+nameserver 1.2.3.4
 
+#nameserver 4.3.2.1`,
 
+			result: []string{"1.2.3.4/32"},
 
+		},
 
+		{
 
+			input: `search example.com
 
+nameserver 1.2.3.4 # not 4.3.2.1`,
 
+			result: []string{"1.2.3.4/32"},
 
+		},
 
+	} {
 
+		test := GetNameserversAsCIDR([]byte(tc.input))
 
+		if !strSlicesEqual(test, tc.result) {
 
+			t.Errorf("Wrong nameserver string {%s} should be %v. Input: %s", test, tc.result, tc.input)
 
+		}
 
+	}
 
+}
 
+
 
+func TestGetSearchDomains(t *testing.T) {
 
+	for _, tc := range []struct {
 
+		input  string
 
+		result []string
 
+	}{
 
+		{
 
+			input: ``,
 
+		},
 
+		{
 
+			input: `# ignored`,
 
+		},
 
+		{
 
+			input:  `search example.com`,
 
+			result: []string{"example.com"},
 
+		},
 
+		{
 
+			input:  `search example.com # ignored`,
 
+			result: []string{"example.com"},
 
+		},
 
+		{
 
+			input:  `	  search	 example.com	  `,
 
+			result: []string{"example.com"},
 
+		},
 
+		{
 
+			input:  `	  search	 example.com	  # ignored`,
 
+			result: []string{"example.com"},
 
+		},
 
+		{
 
+			input:  `search foo.example.com example.com`,
 
+			result: []string{"foo.example.com", "example.com"},
 
+		},
 
+		{
 
+			input:  `	   search	   foo.example.com	 example.com	`,
 
+			result: []string{"foo.example.com", "example.com"},
 
+		},
 
+		{
 
+			input:  `	   search	   foo.example.com	 example.com	# ignored`,
 
+			result: []string{"foo.example.com", "example.com"},
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4
 
+search foo.example.com example.com`,
 
+			result: []string{"foo.example.com", "example.com"},
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4
 
+search dup1.example.com dup2.example.com
 
+search foo.example.com example.com`,
 
+			result: []string{"foo.example.com", "example.com"},
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4
 
+search foo.example.com example.com
 
+nameserver 4.30.20.100`,
 
+			result: []string{"foo.example.com", "example.com"},
 
+		},
 
+	} {
 
+		test := GetSearchDomains([]byte(tc.input))
 
+		if !strSlicesEqual(test, tc.result) {
 
+			t.Errorf("Wrong search domain string {%s} should be %v. Input: %s", test, tc.result, tc.input)
 
+		}
 
+	}
 
+}
 
+
 
+func TestGetOptions(t *testing.T) {
 
+	for _, tc := range []struct {
 
+		input  string
 
+		result []string
 
+	}{
 
+		{
 
+			input: ``,
 
+		},
 
+		{
 
+			input: `# ignored`,
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4`,
 
+		},
 
+		{
 
+			input:  `options opt1`,
 
+			result: []string{"opt1"},
 
+		},
 
+		{
 
+			input:  `options opt1 # ignored`,
 
+			result: []string{"opt1"},
 
+		},
 
+		{
 
+			input:  `	  options	 opt1	  `,
 
+			result: []string{"opt1"},
 
+		},
 
+		{
 
+			input:  `	  options	 opt1	  # ignored`,
 
+			result: []string{"opt1"},
 
+		},
 
+		{
 
+			input:  `options opt1 opt2 opt3`,
 
+			result: []string{"opt1", "opt2", "opt3"},
 
+		},
 
+		{
 
+			input:  `options opt1 opt2 opt3 # ignored`,
 
+			result: []string{"opt1", "opt2", "opt3"},
 
+		},
 
+		{
 
+			input:  `	   options	 opt1	 opt2	 opt3	`,
 
+			result: []string{"opt1", "opt2", "opt3"},
 
+		},
 
+		{
 
+			input:  `	   options	 opt1	 opt2	 opt3	# ignored`,
 
+			result: []string{"opt1", "opt2", "opt3"},
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4
 
+options opt1 opt2 opt3`,
 
+			result: []string{"opt1", "opt2", "opt3"},
 
+		},
 
+		{
 
+			input: `nameserver 1.2.3.4
 
+options opt1 opt2
 
+options opt3 opt4`,
 
+			result: []string{"opt3", "opt4"},
 
+		},
 
+	} {
 
+		test := GetOptions([]byte(tc.input))
 
+		if !strSlicesEqual(test, tc.result) {
 
+			t.Errorf("Wrong options string {%s} should be %v. Input: %s", test, tc.result, tc.input)
 
+		}
 
+	}
 
+}
 
+
 
+func strSlicesEqual(a, b []string) bool {
 
+	if len(a) != len(b) {
 
+		return false
 
+	}
 
+
 
+	for i, v := range a {
 
+		if v != b[i] {
 
+			return false
 
+		}
 
+	}
 
+
 
+	return true
 
+}
 
+
 
+func TestBuild(t *testing.T) {
 
+	tmpDir := t.TempDir()
 
+	file, err := os.CreateTemp(tmpDir, "")
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+
 
+	f, err := Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{"opt1"})
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+
 
+	const expected = "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"
 
+	if !bytes.Equal(f.Content, []byte(expected)) {
 
+		t.Errorf("Expected to find '%s' got '%s'", expected, f.Content)
 
+	}
 
+	content, err := os.ReadFile(file.Name())
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+	if !bytes.Equal(content, []byte(expected)) {
 
+		t.Errorf("Expected to find '%s' got '%s'", expected, content)
 
+	}
 
+}
 
+
 
+func TestBuildWithZeroLengthDomainSearch(t *testing.T) {
 
+	tmpDir := t.TempDir()
 
+	file, err := os.CreateTemp(tmpDir, "")
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+
 
+	f, err := Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"."}, []string{"opt1"})
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+
 
+	const expected = "nameserver ns1\nnameserver ns2\nnameserver ns3\noptions opt1\n"
 
+	if !bytes.Equal(f.Content, []byte(expected)) {
 
+		t.Errorf("Expected to find '%s' got '%s'", expected, f.Content)
 
+	}
 
+	content, err := os.ReadFile(file.Name())
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+	if !bytes.Equal(content, []byte(expected)) {
 
+		t.Errorf("Expected to find '%s' got '%s'", expected, content)
 
+	}
 
+}
 
+
 
+func TestBuildWithNoOptions(t *testing.T) {
 
+	tmpDir := t.TempDir()
 
+	file, err := os.CreateTemp(tmpDir, "")
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+
 
+	f, err := Build(file.Name(), []string{"ns1", "ns2", "ns3"}, []string{"search1"}, []string{})
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+
 
+	const expected = "search search1\nnameserver ns1\nnameserver ns2\nnameserver ns3\n"
 
+	if !bytes.Equal(f.Content, []byte(expected)) {
 
+		t.Errorf("Expected to find '%s' got '%s'", expected, f.Content)
 
+	}
 
+	content, err := os.ReadFile(file.Name())
 
+	if err != nil {
 
+		t.Fatal(err)
 
+	}
 
+	if !bytes.Equal(content, []byte(expected)) {
 
+		t.Errorf("Expected to find '%s' got '%s'", expected, content)
 
+	}
 
+}
 
+
 
+func TestFilterResolvDNS(t *testing.T) {
 
+	ns0 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\n"
 
+
 
+	if result, _ := FilterResolvDNS([]byte(ns0), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed No Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	ns1 := "nameserver 10.16.60.14\nnameserver 10.16.60.21\nnameserver 127.0.0.1\n"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	ns1 = "nameserver 10.16.60.14\nnameserver 127.0.0.1\nnameserver 10.16.60.21\n"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	ns1 = "nameserver 127.0.1.1\nnameserver 10.16.60.14\nnameserver 10.16.60.21\n"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	ns1 = "nameserver ::1\nnameserver 10.16.60.14\nnameserver 127.0.2.1\nnameserver 10.16.60.21\n"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	ns1 = "nameserver 10.16.60.14\nnameserver ::1\nnameserver 10.16.60.21\nnameserver ::1"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	// with IPv6 disabled (false param), the IPv6 nameserver should be removed
 
+	ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	// with IPv6 disabled (false param), the IPv6 link-local nameserver with zone ID should be removed
 
+	ns1 = "nameserver 10.16.60.14\nnameserver FE80::BB1%1\nnameserver FE80::BB1%eth0\nnameserver 10.16.60.21\n"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost+IPv6 off: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	// with IPv6 enabled, the IPv6 nameserver should be preserved
 
+	ns0 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\n"
 
+	ns1 = "nameserver 10.16.60.14\nnameserver 2002:dead:beef::1\nnameserver 10.16.60.21\nnameserver ::1"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed Localhost+IPv6 on: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	// with IPv6 enabled, and no non-localhost servers, Google defaults (both IPv4+IPv6) should be added
 
+	ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4\nnameserver 2001:4860:4860::8888\nnameserver 2001:4860:4860::8844"
 
+	ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), true); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+
 
+	// with IPv6 disabled, and no non-localhost servers, Google defaults (only IPv4) should be added
 
+	ns0 = "\nnameserver 8.8.8.8\nnameserver 8.8.4.4"
 
+	ns1 = "nameserver 127.0.0.1\nnameserver ::1\nnameserver 127.0.2.1"
 
+	if result, _ := FilterResolvDNS([]byte(ns1), false); result != nil {
 
+		if ns0 != string(result.Content) {
 
+			t.Errorf("Failed no Localhost+IPv6 enabled: expected \n<%s> got \n<%s>", ns0, string(result.Content))
 
+		}
 
+	}
 
+}

+ 6 - 8
libnetwork/resolvconf/utils.go
Tampilan Berkas 

@@ -3,14 +3,12 @@ package resolvconf
 
 import (
 
 	"crypto/sha256"
 
 	"encoding/hex"
 
-	"io"
 
 )
 
 
-// hashData returns the sha256 sum of src.
 
-func hashData(src io.Reader) (string, error) {
 
-	h := sha256.New()
 
-	if _, err := io.Copy(h, src); err != nil {
 
-		return "", err
 
-	}
 
-	return "sha256:" + hex.EncodeToString(h.Sum(nil)), nil
 
+// hashData returns the sha256 sum of data.
 
+func hashData(data []byte) []byte {
 
+	f := sha256.Sum256(data)
 
+	out := make([]byte, 2*sha256.Size)
 
+	hex.Encode(out, f[:])
 
+	return append([]byte("sha256:"), out...)
 
 }

+ 11 - 8
libnetwork/resolvconf/utils_test.go
Tampilan Berkas 

@@ -1,18 +1,21 @@
 
 package resolvconf
 
 
 import (
 
-	"strings"
 
+	"bytes"
 
 	"testing"
 
 )
 
 
 func TestHashData(t *testing.T) {
 
-	reader := strings.NewReader("hash-me")
 
-	actual, err := hashData(reader)
 
-	if err != nil {
 
-		t.Fatal(err)
 
+	const expected = "sha256:4d11186aed035cc624d553e10db358492c84a7cd6b9670d92123c144930450aa"
 
+	if actual := hashData([]byte("hash-me")); !bytes.Equal(actual, []byte(expected)) {
 
+		t.Fatalf("Expecting %s, got %s", expected, string(actual))
 
 	}
 
-	expected := "sha256:4d11186aed035cc624d553e10db358492c84a7cd6b9670d92123c144930450aa"
 
-	if actual != expected {
 
-		t.Fatalf("Expecting %s, got %s", expected, actual)
 
+}
 
+
 
+func BenchmarkHashData(b *testing.B) {
 
+	b.ReportAllocs()
 
+	data := []byte("hash-me")
 
+	for i := 0; i < b.N; i++ {
 
+		_ = hashData(data)
 
 	}
 
 }

+ 10 - 16
libnetwork/sandbox_dns_unix.go
Tampilan Berkas 

@@ -4,6 +4,7 @@
 
 package libnetwork
 
 
 import (
 
+	"bytes"
 
 	"fmt"
 
 	"net"
 
 	"os"
 
@@ -279,7 +280,8 @@ func (sb *Sandbox) setupDNS() error {
 
 	}
 
 
 	// Write hash
 
-	if err := os.WriteFile(sb.config.resolvConfHashFile, []byte(newRC.Hash), filePerm); err != nil {
 
+	err = os.WriteFile(sb.config.resolvConfHashFile, newRC.Hash, filePerm)
 
+	if err != nil {
 
 		return types.InternalErrorf("failed to write resolv.conf hash file when setting up dns for sandbox %s: %v", sb.ID(), err)
 
 	}
 
 
@@ -287,11 +289,6 @@ func (sb *Sandbox) setupDNS() error {
 
 }
 
 
 func (sb *Sandbox) updateDNS(ipv6Enabled bool) error {
 
-	var (
 
-		currHash string
 
-		hashFile = sb.config.resolvConfHashFile
 
-	)
 
-
 
 	// This is for the host mode networking
 
 	if sb.config.useDefaultSandBox {
 
 		return nil
 
@@ -301,23 +298,20 @@ func (sb *Sandbox) updateDNS(ipv6Enabled bool) error {
 
 		return nil
 
 	}
 
 
+	var currHash []byte
 
 	currRC, err := resolvconf.GetSpecific(sb.config.resolvConfPath)
 
 	if err != nil {
 
 		if !os.IsNotExist(err) {
 
 			return err
 
 		}
 
 	} else {
 
-		h, err := os.ReadFile(hashFile)
 
-		if err != nil {
 
-			if !os.IsNotExist(err) {
 
-				return err
 
-			}
 
-		} else {
 
-			currHash = string(h)
 
+		currHash, err = os.ReadFile(sb.config.resolvConfHashFile)
 
+		if err != nil && !os.IsNotExist(err) {
 
+			return err
 
 		}
 
 	}
 
 
-	if currHash != "" && currHash != currRC.Hash {
 
+	if len(currHash) > 0 && !bytes.Equal(currHash, currRC.Hash) {
 
 		// Seems the user has changed the container resolv.conf since the last time
 
 		// we checked so return without doing anything.
 
 		// logrus.Infof("Skipping update of resolv.conf file with ipv6Enabled: %t because file was touched by user", ipv6Enabled)
 
@@ -344,14 +338,14 @@ func (sb *Sandbox) updateDNS(ipv6Enabled bool) error {
 
 		tmpHashFile.Close()
 
 		return err
 
 	}
 
-	_, err = tmpHashFile.Write([]byte(newRC.Hash))
 
+	_, err = tmpHashFile.Write(newRC.Hash)
 
 	if err1 := tmpHashFile.Close(); err == nil {
 
 		err = err1
 
 	}
 
 	if err != nil {
 
 		return err
 
 	}
 
-	return os.Rename(tmpHashFile.Name(), hashFile)
 
+	return os.Rename(tmpHashFile.Name(), sb.config.resolvConfHashFile)
 
 }
 
 
 // Embedded DNS server has to be enabled for this sandbox. Rebuild the container's

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5